Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:30733
HistoryMay 15, 2014 - 12:00 a.m.

FD - Cobbler Arbitrary File Read CVE-2014-3225

2014-05-1500:00:00
vulners.com
22
JSON

Vulnerability title: Arbitrary file read

CVE: CVE-2014-3225

Vendor: Cobbler

Product: Cobbler

Affected version: <=2.6.0

Fixed version: N/A

Reported by: Dolev Farhi

VULNERABILITY Details:

In all Cobbler versions (<= 2.6.0) an arbitrary system files read
vulnerability is possible via the cobbler profile creation page.
Cobbler does not validate the file is a .ks file nor does it restrict the
user to a certain path.
Cobbler runs under the root user privileges, which allows read access to all
system files.
This issue exposes all files to any attacker attempting to provide full file
path to crucial system files such as /etc/passwd or /etc/shadow in the
Kickstart path.
https://github.com/cobbler/cobbler/issues/939

Proof of concept

Create a regular cobbler profile, assign a distribution to it.
In kickstart value, provide /etc/shadow or any other file.
Save -> navigate to "View kickstart" -> file is shown.

PROOF OF CONCEPT vid

https://www.youtube.com/watch?v=vuBaoQUFEYQ

Related

openvas 3
github 1
osv 2
fedora 2
nessus 3
packetstorm 1
prion 1
ubuntucve 1
cve 1
gitlab 1
securityvulns 2
ubuntu 1
openvas
openvas
Fedora Update for cobbler FEDORA-2014-8545
2014-07-28 00:00:00
Fedora Update for cobbler FEDORA-2014-8561
2014-07-28 00:00:00
Ubuntu: Security Advisory (USN-6475-1)
2023-11-14 00:00:00
github
github
Cobbler Path Traversal vulnerability
2022-05-14 02:52:42
osv
osv
Cobbler Path Traversal vulnerability
2022-05-14 02:52:42
cobbler vulnerabilities
2023-11-13 15:04:17
fedora
fedora
[SECURITY] Fedora 20 Update: cobbler-2.6.3-1.fc20
2014-07-28 03:25:38
[SECURITY] Fedora 19 Update: cobbler-2.6.3-1.fc19
2014-07-28 03:24:56
nessus
nessus
Fedora 19 : cobbler-2.6.3-1.fc19 (2014-8545)
2014-07-28 00:00:00
Fedora 20 : cobbler-2.6.3-1.fc20 (2014-8561)
2014-07-28 00:00:00
Ubuntu 16.04 ESM : Cobbler vulnerabilities (USN-6475-1)
2023-11-13 00:00:00
packetstorm
packetstorm
Cobbler 2.6.0 Arbitrary File Read
2014-05-13 00:00:00
prion
prion
Path traversal
2014-05-14 00:55:00
ubuntucve
ubuntucve
CVE-2014-3225
2014-05-14 00:00:00
cve
cve
CVE-2014-3225
2014-05-14 00:55:00
gitlab
gitlab
Local File inclusion
2014-05-13 00:00:00
securityvulns
securityvulns
Web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;
2014-05-10 00:00:00
Web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;
2014-05-15 00:00:00
ubuntu
ubuntu
Cobbler vulnerabilities
2023-11-13 00:00:00
JSON
Related for SECURITYVULNS:DOC:30733
openvas3github1osv2fedora2nessus3packetstorm1prion1ubuntucve1cve1gitlab1securityvulns2ubuntu1